<?php 

error_reporting(0);

include_once 'conf/db-config.php';
//get the posted values
$user_name=htmlspecialchars($_REQUEST['username'],ENT_QUOTES);
$pass= $_POST['password'];
//print $pass;
$sql="SELECT u.id as id, l.user_name as user_name,l.password as password FROM user_detail u,login_detail l WHERE  l.user_name=u.user_name AND l.user_name='".$user_name."'";

$result=mysql_query($sql);
while ($row = mysql_fetch_array($result))
{
	//print_r($row);
	$user_id = $row['id'];
	if(strlen($user_id)>0)
	{
		if($row['password']==$pass)
		{
			session_start();
			$_SESSION['u_name']=$user_name; 
			$_SESSION['user_id']=$user_id;
			if(strlen($_SESSION['u_name'])>0)
			{
				
				//$str ="ProfileEvaluation.php";
				$str ="Home.php";
				
			}
			else 
			{
				$str ="index.php";
			}
		}
		else
		{
			$str ="ProfileEvaluation.php";
		}
	}
	else
	{
		$str ="ProfileEvaluation.php";
	}
}
echo $str;
?>
